Droste
Droste is a Hong Kong-based Data Science Consultancy
Confirm device setup
Check in
1
2
3
FIDO U2F Keys
4
Good practices for you
Password Manager
Device Password
1
2
3
Accounts Settings
WHAT IS (YOUR)
DIGITAL SECURITY?
WHAT IS (YOUR)
DIGITAL SECURITY?
YOUR BIG STROKES HAVE A BIG IMPACT
YOUR BIG
STROKES
HAVE A
BIG IMPACT
BUT YOU NEED MANY SMALL STROKES TO COVER ALL THE DETAILS
BUT YOU NEED MANY SMALL STROKES TO COVER ALL THE DETAILS
ONLY YOU CAN DECIDE WHAT IS DETAILED ENOUGH FOR YOU
WHEN IS IT DONE?
ONLY YOU CAN DECIDE WHAT IS DETAILED ENOUGH FOR YOU
WHEN IS IT DONE?
[instructions]
see next slide
unless your iDevice is jailbroken
Settings > Apps > ⚙ icon > App permissions.
Settings > Privacy
[special attention]
Dual Space: Social Manager
[play store link]
Settings > Safe
Lock Type = PIN
Lock Type = PIN
Recovery Question should just point to your password manager
Screen off = Go to Home Screen
Settings > Disguise Icon
[ADVANCED] Hide App Icon
Change Calculator Icon
Fake Password
Prohibit Screenshots
Shake Close
FREE / PRO USD 4
Similar Features
Decoy Password
Backup Support
[app store link]
[play store link]
[app store link]
Settings > Private Camera
FREE / PRO USD 4
Similar Features
Decoy Password
Backup Support
[app store link]
SOURCE : "Censorship, Surveillance and Profits:
A Hard Bargain for Apple in China"
New York Times, 17 May 2021
Let's get you setup with
Invite People to Organization
BitWarden Admin
Create Organization
1
3
Create Collection for Shared Passwords
2
Grant access to Collections
4
Use Passphrase generated with Diceware
BitWarden Users
Accept invitation
5
7
Click "Create Account"
6
Login to your Vault
8
ACCOUNT SETUP
Accept invitation
5
Click "Create Account"
6
"Get Started" to sign up
https://bitwarden.com/
Use Passphrase generated with Diceware
7
Login to your Vault
8
Welcome to your Vault
EMERGENCY ACCESS
Admin
Users
Add emergency contact
2
Follow Emergency Policy
3
Accept emergency contact
4
Define Emergency Protocol
1
point person
trigger conditions
access control
automatic grant
Confirm emergency contact
5
Confirm account fingerprint
6
Add emergency contact
2
Follow Emergency Policy
3
You've succesfully invited your Emergency Contact ...
Accept emergency contact
4
Accept emergency contact
4
You've succesfully accepted your Emergency Contact ...
Confirm emergency contact
5
Accept emergency contact
4
You've succesfully accepted your Emergency Contact ...
Confirm account fingerprint
6
VAULT SETTINGS
Vault Timeout
1
Two-step Login
2
Let's get you setup with
Set Timeout Settings
Install Browser Extension
1
3
Login and Pop out
2
Set Options
4
BASIC SETUP
Install extension & pin it
1
Login and Pop out
2
Set Timeout Settings
3
Set options to what your are comfortable with
4
Log in to BitWarden extension
1
3
Existing account : login and store password
2
Login flow with BitWarden
4
DAILY USE
New account : generate and store password
Log in to BitWarden extension
1
Existing account : login and store password
2
New accounts : generate and store password
3
Login flow with BitWarden
4
Let's get you setup with
Select matching logins from keyboard
Install Mobile App
1
3
Setup Auto-fill
2
Set Options
4
BASIC SETUP & USE
Setup Auto-fill
2
USE : Select matching logins from keyboard
3
Set Options
4
HTTPS / 2FA Reports
Import passwords from other managers
1
3
Password Reports
2
Data Breach Reports
4
... THERE'S MORE
Support for Timed - One Time Passwords
5
Import passwords from other managers
1
Password Reports
2
HTTPS / 2FA Reports
3
Data Breach Reports
4
BitWarden Authenticator (TOTP)
5
No Software
Second Factor
1
6
Touch based
2
3
FIDO |
U2F |
Universal
Two
Factor
Fast
IDentity
Online
Durable
Phishing protection
4
Privacy by design
5
Log in to supported service
1
Indicate you
wish to use a
"U2F" key as
another factor
2
Tap the metal
circle 🔑 pad when prompted
3
Your account is
now tied to your
FIDO U2F key
🎉
Log in to a supported service
1
2
Tap the 🔑 pad when prompted
🎉
1. Store your Recovery Code
in a secure location
2. Link this BitWarden account to
your personal FIDO U2F Key
3. Enter your Master Password
4. Provide a Name - e.g. "Office Key" and click "Read Key" when you're ready to touch the key pad
5. After clicking save,
your key is now registered
1. Store your Recovery Code
in a secure location
2. Turn on two-step
verification
3. OK, Microsoft
4. We will use Authy or BitWarden's built-in authenticator
5a. Authy : Scan the QR code with the
authy app installed on your phone, and provide the generated code (TOPT)
5b. BitWarden : Click "I can't scan the bar code" and provide the Secret Key
to the OTP section in the login profile
6. If you are syncing your Outlook.com
email to your phone, follow the
respective instructions for your OS
Click "Next" when done, and "Finish" on the next page.
You'll be logged out and required to log in again.
Two Factor Authentication is now
turned on for your Microsoft account
Launch VeraCrypt app
1
Create Volume
2
Select the "Hidden" option
3
Select any location for the Volume and use any name
4
Leave the default algorithm
5
Choose size that can contain both presumed and true sensitive files
6
Create a memorable password - not a BitWarden generated one
7
Select "exFat" as format Option, then move the mouse until half the bar is green, then Format
8
Click next to repeat steps for the hidden volume, and choose a size for sensitive files
9
Generate secure password with BitWarden and use it
10
If you were successful, you should see this modal with a warning message
11
Click "next" and "exit" - you're ready to mount your volume!
12
Launch VC app, select a slot ,"Select File" to locate your volume, and mount it
13
Enter your 'memorable' password for the decoy volume, and your BW pass for the hidden volume
14
If successful, it will show up as mounted - double click to open in Finder
13
Place your decoy / sensitive files into the volume with it's mounted
14
Once you're finished working on the files, "Dismount" it.
15
Quit VeraCrypt when no longer in use
16
Once you're finished working on the files, "Dismount" it.
15
Quit VeraCrypt when no longer in use
16
the.phantom.2018.x265.NAHOM.mkv
NETWORK
HARD
WARE
HARD
WARE
about:telemetry
Preferences > General Tab > Network Settings > Settings > Enable Enable DNS over HTTPS.
Keep them up to date!
1
Don't share device
Make sure they auto-lock
2
3
Avoid connecting external devices
4
Encrypt drives and USB sticks
5
1
2
3
4
5
Only install apps from trusted sources (Google Play, official sites)
Keep apps up to date!
Avoid pirated software
Turn off sharing / back up features
1
2
3
4
1
2
3
4
Always use the password manager
Set accounts up properly ... or delete them
Set reminders to review security settings
(3x per year)
1
1
2
2
3
3
Allow for healthy distrust
Verify each other's identity
Avoid stress, allow for slow pace
Avoid clicking on links from strangers (use bookmarks)
1
1
2
2
3
3
4
4
By Droste